package com.sso.web;

import javax.servlet.http.HttpServletRequest;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.sso.common.cons.Const;
import org.sso.common.cons.ParamConst;
import org.sso.common.cookie.TokenHelper;
import org.sso.common.domian.Ticket;
import org.sso.common.domian.Token;
import org.sso.common.encrypt.AES;
import org.sso.common.util.HttpUtil;

@Controller
@RequestMapping("/sso")
public class SsoController extends Base {
	private static final Logger logger = LoggerFactory.getLogger(SsoController.class);

	/**
	 * 获取系统状态
	 * 
	 * @return
	 *
	 */
	@RequestMapping("/login")
	public String login() {
		String retUlr = request.getParameter(Const.ReturnURL);
		request.getSession().setAttribute(Const.ReturnURL, HttpUtil.encodeURL(retUlr));
		return "/html/index";
	}

	/**
	 * 获取系统状态
	 *
	 * @return
	 *
	 */
	@RequestMapping(value = "/checklogin")
	public String checklogin() {
		String name = request.getParameter("name");
		String password = request.getParameter("password");
		Ticket tic = (Ticket) request.getSession().getAttribute(Const.Data);
		if ("admin".equals(name) && "admin".equals(password)) {
			Token token = new Token(request, ParamConst.cookie_domain);
			token.setId(111l);
			TokenHelper.setSSOCookie(request, response, ParamConst.cookie_domain, token, AES.getInstance());
			String url = (String) request.getSession().getAttribute(Const.ReturnURL);
			// 跨域
			if (tic != null) {
				tic.setTk(token);
				// 加上sso系统私钥，生成信任签名
				tic.sign(ParamConst.RSA_SSO_Private_key);
				logger.info("login succ!!|重定向到原页面|" + HttpUtil.decodeURL(url) + "?data=" + tic.encryptToken());
				return redirectTo(HttpUtil.decodeURL(url) + "?data=" + tic.encryptToken());
			}
			// 同域
			logger.info("login succ!!|重定向到原页面|" + HttpUtil.decodeURL(url));
			return redirectTo(HttpUtil.decodeURL(url));
		}
		return "/html/index";
	}

	/**
	 * 获取系统状态
	 * 
	 * @return
	 *
	 */
	@RequestMapping("/crosslogin")
	public String checkToken() {
		String retUlr = request.getParameter(Const.ReturnURL);
		request.getSession().setAttribute(Const.ReturnURL, HttpUtil.encodeURL(retUlr));
		String data = request.getParameter("data");
		// 验证签名
		Ticket tic = verify(request, data);
		if (tic == null) {
			return "/html/illegal";
		} else {
			// 验证token
			Token token = TokenHelper.getToken(request);
			if (token == null) {
				return "/sso/login" + "?data=" + tic.encryptToken();
			}
			tic.setTk(token);
			// 加上sso系统私钥，生成信任签名
			tic.sign(ParamConst.RSA_SSO_Private_key);
			logger.info("login succ!!|重定向到原页面|" + HttpUtil.decodeURL(retUlr) + "?data=" + tic.encryptToken());
			return redirectTo(HttpUtil.decodeURL(retUlr) + "?data=" + tic.encryptToken());
		}

	}

	public Ticket verify(HttpServletRequest request, String data) {
		Ticket tic = TokenHelper.replyCiphertext(request, data);
		request.getSession().setAttribute(Const.Data, tic);
		// 验证秘钥签名
		return tic.verify(ParamConst.RSA_OA_Public_key);

	}

}
